[ubuntu] Ubuntu 8.10 LDAP client



smythsys
April 15th, 2009, 04:40 PM
Hi,

I've set up an 8.10 Ubuntu LDAP server on a local network. It seems to be working fine locally (I can ldap search, phpldap manage and so on).

The problems arise when trying to connect a client. The client can ldapsearch the server (specifying the ip address). However when I try any command and it queries the server (finder, pamtest, getent...) I get auth failed and on the auth log I get the following.


Apr 15 15:44:58 Puesto1 pamtest: PAM unable to dlopen(/lib/security/pam_foreground.so): /lib/security/pam_foreground.so: cannot open shared object file: No such file or directory
Apr 15 15:44:58 Puesto1 pamtest: PAM adding faulty module: /lib/security/pam_foreground.so
Apr 15 15:45:01 Puesto1 pamtest: nss_ldap: could not connect to any LDAP server as (null) - Can't contact LDAP server
Apr 15 15:45:01 Puesto1 pamtest: nss_ldap: failed to bind to LDAP server ldapi:///192.168.1.168: Can't contact LDAP server
Apr 15 15:45:01 Puesto1 pamtest: nss_ldap: reconnecting to LDAP server...
Apr 15 15:45:01 Puesto1 pamtest: nss_ldap: could not connect to any LDAP server as (null) - Can't contact LDAP server
Apr 15 15:45:01 Puesto1 pamtest: nss_ldap: failed to bind to LDAP server ldapi:///192.168.1.168: Can't contact LDAP server
Apr 15 15:45:01 Puesto1 pamtest: nss_ldap: reconnecting to LDAP server (sleeping 1 seconds)...
Apr 15 15:45:02 Puesto1 pamtest: nss_ldap: could not connect to any LDAP server as (null) - Can't contact LDAP server
Apr 15 15:45:02 Puesto1 pamtest: nss_ldap: failed to bind to LDAP server ldapi:///192.168.1.168: Can't contact LDAP server
Apr 15 15:45:02 Puesto1 pamtest: nss_ldap: could not search LDAP server - Server is unavailable
Apr 15 15:45:02 Puesto1 pamtest: pam_unix(passwd:auth): check pass; user unknown
Apr 15 15:45:02 Puesto1 pamtest: pam_unix(passwd:auth): authentication failure; logname=persona uid=1000 euid=1000 tty= ruser= rhost=


Would anybody know why the client can't connect to the server?
I'd appreciate any help.

Thanks

JochenJung
April 16th, 2009, 04:01 PM
On our servers (SLES 9) I got the issue, that ldapsearch was using /etc/openldap/ldap.conf, but PAM was looking into /etc/ldap.conf

Maybe these two use different config files in Ubuntu, too.

shunan
April 18th, 2009, 09:33 PM
We had a similar issue where the reverse DNS was not set!

Try using the FQDN in the ldap config file rather than the IP!

So instead of ldapi:///192.168.1.168/ try using the servername.domainname.com

smythsys
April 19th, 2009, 09:01 PM
For anyone who encounters the problem.

The problem is with using ldapi. If you use ldap:// (2 backslashes, not 3) on both server and client it works.

Seems ldapi is the future but still not working correctly.

nroussi
April 28th, 2009, 08:53 PM
Thank you smythsys. It worked perfectly.
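
The two causes raised in this thread (ldapsearch and PAM reading different config files, and an ldapi:// URI pointed at a network address) can be checked mechanically. The following is an added example, not code from any poster: the function names are hypothetical, the file contents in SAMPLE are constructed, and only the two file paths and the URIs come from the thread.

```python
import re
from urllib.parse import unquote

URI_RE = re.compile(r"^(ldap|ldaps|ldapi)://([^/]*)(/.*)?$", re.I)
HOSTLIKE = re.compile(r"^[A-Za-z0-9.-]+(:\d+)?$")  # IP or DNS name, optional port

def check_uri(uri):
    """Classify one LDAP URI: ok, no-host, ldapi-local, ldapi-remote, unparseable."""
    m = URI_RE.match(uri)
    if not m:
        return "unparseable"
    scheme = m.group(1).lower()
    authority = unquote(m.group(2))        # ldapi carries a %2F-encoded socket path here
    tail = (m.group(3) or "").strip("/")   # whatever follows the third slash
    if scheme == "ldapi":
        # ldapi is LDAP over a UNIX domain socket: it never leaves the local machine.
        if HOSTLIKE.match(tail) or (authority and not authority.startswith("/")):
            return "ldapi-remote"          # a network address where a socket path belongs
        return "ldapi-local"
    # ldap:///x has an empty host; x is parsed as the base DN, not as a server.
    return "ok" if authority else "no-host"

def uris_in_conf(text):
    """Return every URI listed on 'uri' lines of an ldap.conf-style file."""
    found = []
    for line in text.splitlines():
        parts = line.strip().split()
        if len(parts) >= 2 and not parts[0].startswith("#") and parts[0].lower() == "uri":
            found.extend(parts[1:])
    return found

def audit(confs):
    """Map each config path to its [(uri, finding)] list; report whether the files agree."""
    report = {path: [(u, check_uri(u)) for u in uris_in_conf(text)]
              for path, text in confs.items()}
    uri_sets = {frozenset(u for u, _ in rows) for rows in report.values()}
    return report, len(uri_sets) <= 1

# Constructed sample contents for the two files named in the thread.
SAMPLE = {
    "/etc/openldap/ldap.conf": "# used by ldapsearch\nURI ldap://192.168.1.168\n",
    "/etc/ldap.conf": "# used by PAM / nss_ldap\nuri ldapi:///192.168.1.168\n",
}

if __name__ == "__main__":
    report, consistent = audit(SAMPLE)
    for path, rows in report.items():
        for uri, finding in rows:
            print(f"{path}: {uri} -> {finding}")
    print("files agree" if consistent else "files point at different servers")
```

A finding of `ok` only means the URI can name a remote server; plain ldap:// carries binds unencrypted unless StartTLS or ldaps:// is configured.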